CVE-2017-7679: mod_mime buffer overread
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected:
httpd 2.2.0 to 2.2.32
httpd 2.4.0 to 2.4.25
Description:
mod_mime can read one byte past the end of a buffer when sending a
malicious Content-Type response header.
CVE-2017-3169: mod_ssl null pointer dereference
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected:
httpd 2.2.0 to 2.2.32
httpd 2.4.0 to 2.4.25
Description:
mod_ssl may dereference a NULL pointer when third-party modules call
ap_hook_process_connection() during an
CVE-2017-7668: ap_find_token buffer overread
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected:
httpd 2.2.32
httpd 2.4.24 (unreleased)
httpd 2.4.25
Description:
The HTTP strict parsing changes added in 2.2.32 and 2.4.24 introduced a
bug in token list parsing, which
CVE-2017-3167: ap_get_basic_auth_pw authentication bypass
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected:
httpd 2.2.0 to 2.2.32
httpd 2.4.0 to 2.4.25
Description:
Use of the ap_get_basic_auth_pw() by third-party modules outside of the
authentication phase may
Hi Eric et al.,
I built apache and I am able to successfully reach the url from Firefox: "It
works".
However, when I run ./davautocheck.sh from
~/ci/subversion/subversion/tests/cmdline, it finds apxs but generates this
error:
davautocheck.sh: Using '~/ci/httpd-2.4.25/apache/bin/apxs'...
Use
Does check_forensic still exist?
I am not finding it.
CVE-2017-7659: mod_http2 null pointer dereference
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected:
httpd 2.4.24 (unreleased)
httpd 2.4.25
Description:
A maliciously constructed HTTP/2 request could cause mod_http2 to
dereference a NULL pointer and crash the server
Apache HTTP Server 2.4.26 Released
June 19, 2017
The Apache Software Foundation and the Apache HTTP Server Project
are pleased to announce the release of version 2.4.26 of the Apache
HTTP Server ("Apache"). This version of Apache is our latest GA
release of the